Researchers found that Microsoft’s MFA could be bypassed by guessing possible codes.

Researchers have found that Microsoft’s multi-factor authentication (MFA) could be bypassed by guessing codes under the right conditions. They found that accounts which used an authentication app created a condition where malicious actors could continue to submit incorrect codes without the account locking account. The researchers have said they informed Microsoft of the vulnerability and that patches have been released.

Read more:

https://cybernews.com/security/researchers-bypass-microsoft-mfa-by-guessing-codes/